What data does Mailspring collect when I use the product?

Mailspring requires that you create a Mailspring ID, but it's almost entirely an offline mail client. Your email credentials, passwords, etc. are never sent to the cloud and all of your mail is synced on your local computer. Mailspring's servers don't collect or store any mail data or other metadata unnecessarily.

Mailspring connects to it's servers via HTTPS / SSL at all times. Here's a detailed breakdown of the information Mailspring sends to it's own servers as you use the product:

The email address you use for your Mailspring ID and any information you explicitly add to your account, such as information you'd like to appear on your invoices.

The metadata (read receipts, snooze dates, reminder dates, etc.) you attach to emails using Mailspring's features (eg: "snoozed until tomorrow"). For each email in your mailbox, Mailspring hashes the headers to create a unique ID, and it associates it's own metadata with that ID—it does not send the messages, their headers, or other identifying message data to the cloud. Note that for open/link tracking, the stored metadata may contain encoded recipient email addresses because read receipt tracking is on a per-recipient basis.

Simple usage metrics that track how often you use each "Mailspring Pro" feature.

The headers, bodies and attachments of messages shared with Mailspring's "Thread Sharing" feature. When you enable thread sharing, the messages in a specific thread are synced to the cloud so you can share the conversation via a public link.

The signature images you upload using the signature editor in Preferences > Signatures.

The activity reports you upload and share from the Activity tab in the left sidebar.

This data is all associated with your Mailspring ID. Having to create an ID to use the app is a bit of a pain, but this process ensures that everything transferred to Mailspring's servers is associated with an account you can control. You can delete your account and all related data by visiting https://id.getmailspring.com/

Third Party Tools

The Mailspring desktop application does not send usage analytics to third parties (Mixpanel, Segment, Google Analytics, etc.). However, it does use Sentry to collect and triage errors that occur in the application and Stripe to securely process payments. Basic, non-billing data stored with Stripe is additionally shared with Chartmogul, which provides a business metrics dashboard. These third party services receive your email address and name and hold this data securely in accordance with their own policies.

Crash Reporting

When crashes occur in the JavaScript part of Mailspring, crash reports are sent to Sentry, which performs automatic anonymization of important fields. When crashes occur in the C++ part of Mailspring, crash data is sent to our servers over HTTPS where it is encrypted at rest so it can be analyzed later offline.